Uploaded image for project: 'Spring Security'
  1. Spring Security
  2. SEC-1139

acl_object_identity.owner_sid should be 'not null' in schema

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Docs and Website
    • Labels:
      None

      Description

      In the documentation (src/docbkx/appendix-db-schema.xml), acl_object_identity.owner_sid is defined as:
      owner_sid bigint,

      but in the code, AclImpl.java requires that the owner sid is not null, and in fact you'll get an exception from BasicLookupStrategy attempting to create sids with null values if you read an object identity with a null owner_sid. Triggered this bug migrating data from a non-spring/acegi acl implementation which didn't use owners.

      https://fisheye.springsource.org/browse/spring-security/trunk/src/docbkx/appendix-db-schema.xml

        Issue Links

          Activity

          Hide
          luke Luke Taylor added a comment -

          Thanks Baz. I've added that to the docs.

          The condition may be relaxed in future to allow the owner to be optional, but it is always possible to use a default or system owner so the cleanest solution is probably to retain the requirement in the default implementation and clarify that the owner must always be set.

          Show
          luke Luke Taylor added a comment - Thanks Baz. I've added that to the docs. The condition may be relaxed in future to allow the owner to be optional, but it is always possible to use a default or system owner so the cleanest solution is probably to retain the requirement in the default implementation and clarify that the owner must always be set.
          Hide
          lgaudez Gaudez added a comment -

          I had the same issue with version 3.2.5. I had to use a "super owner" to fix the problem.
          Should I open a new issue? Where may I provide more details?

          thanks

          Show
          lgaudez Gaudez added a comment - I had the same issue with version 3.2.5. I had to use a "super owner" to fix the problem. Should I open a new issue? Where may I provide more details? thanks

            People

            • Assignee:
              luke Luke Taylor
              Reporter:
              bazzargh Brian Ewins
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: